<?php
  include("header.php");
  include("functions.php");
  if ($_SESSION['user_level'] != 1) {
      header("location: redirect.php");
  } else {
      if ($_SERVER['REQUEST_METHOD'] != 'POST') {
          $pageTitle = "Word filter";
          $result = mysql_query("SELECT * FROM " . $table_prefix . "word_filter");
          while ($row = mysql_fetch_assoc($result)) {
              $text = $row['bad_words'];
          }
          $bad_word_filter = get_value_of('$bad_word_filter');
          $bad_word_filter = trim($bad_word_filter);
          $bad_word_filter = preg_replace("#[^0-9]#", "", $bad_word_filter);
          if ($bad_word_filter == "1") {
              $bwyes = "checked";
              $bwno = "";
          } else {
              $bwyes = "";
              $bwno = "checked";
          }
          
          $tags = array('{TITLE}', '{WORDS}', '{BAD_WORD}', '{BWYES}', '{BWNO}', '{CENSORED}', '{CONFIRM}');
          $data = array('Word filter', $text, 'Bad word filter:', $bwyes, $bwno, 'Censored words:', 'Confirm');
          echo str_replace($tags, $data, file_get_contents("./style/" . $default_style . "/word_filter.html"));
      } else {
          //bad_word_filter
          $words = mysql_real_escape_string($_POST['words']);
          if ($words == "") {
              $words = "fuck, ass";
          }
          $words = trim($words);
          //iframe replace
          $words = str_replace('%69%66%72%61%6D%65', 'iframe', $words);
          $words = convEnt2($words);
          
          write_value_of('$bad_word_filter', "$bad_word_filter", $_POST['bad_word']);
          $result = mysql_query("UPDATE " . $table_prefix . "word_filter SET bad_words = '$words' WHERE words_id = 1") or die(mysql_error());
          
          
          echo "<b>Information</b><hr><br /><div align='center'>Configuration updated successfully.<br /><br /><a href = 'word_filter.php'>Back to previous page</a></div>";
      }
      // Get all the page's HTML into a string
      $pageContents = ob_get_contents();
      // Wipe the buffer 
      ob_end_clean();
      echo str_replace('<!--TITLE-->', $pageTitle, $pageContents);
  }
?>
